@besales/ops-framework 0.1.17 → 0.1.20

package/CHANGELOG.md

@@ -1,5 +1,23 @@
 # Changelog
 
+## 0.1.20
+
+- Added deterministic task Check gates for schema/migration plans: a real disposable/scratch database apply path is required before external Check, and Verify/Human Gate evidence must show a successful apply/migrate/psql run rather than static SQL review only.
+- Added audit/entity_history ambiguity gates: plans and initiative synthesis must explicitly choose a functional DB trigger writer model or an application-code writer model.
+- Added a draft-storage synthesis gate for Variant-A/draft-only apply contracts so `proposed_changes` must explicitly support deferred fact domains with entity/change type, JSON payload, source quote, confidence, financial event, related person and conflict metadata.
+
+## 0.1.19
+
+- Strengthened deterministic Check preflight so external checker calls are skipped when the plan still has placeholder execution metadata, missing verification ladder or missing standards alignment.
+- Tightened O3 optimization gating: plans must include a representative measurement path or explicit blocked/human-owned fallback before external Check.
+- Added `check-timeline.json` telemetry for Check runs, including deterministic blocks, LLM input sizing, cache hits, provider start/completion/failure and context overflow events.
+
+## 0.1.18
+
+- Added work-package dependency metadata (`Depends on`, `Unblocks`, `Can run parallel with`, `Sequencing notes`) to new initiative work packages.
+- Made `initiative-next` dependency-aware and prevented materialization when pending work packages are blocked by unmet dependencies.
+- Added a work-package readiness gate that blocks materialization when a work package covers `REQ-*` items but has only process-level acceptance.
+
 ## 0.1.17
 
 - Broadened the schema compatibility gate so it blocks any schema/foundation requirement that omits fields required by approved dependent requirements, even when the schema text is not written as an explicit closed list.

package/README.md

@@ -249,6 +249,8 @@ Initiative
 
 Work packages are materialized as normal tasks, so `brief/research/plan/check/execute/verify/retrospective/learning` still works at the audit boundary. Slices are not separate tasks; they use fast execution, micro-verify and slice evidence inside the work-package task. Create a separate task only when a slice triggers scope, risk, architecture or human-approval escalation.
 
+Work packages can declare `Depends on`, `Unblocks`, `Can run parallel with` and `Sequencing notes`. `initiative-next` uses `Depends on` to avoid materializing a package before required packages are completed. If a work package lists `REQ-*` coverage, its `Acceptance` must include requirement-level done criteria or explicit `REQ-*` acceptance references; process-only acceptance blocks materialization.
+
 For source docs, use intake before work-package planning:
 
 ```text

package/bin/initiative.mjs

@@ -202,12 +202,14 @@ export function initiativeNext({
   force = false,
 } = {}) {
   const status = initiativeStatus({ projectRoot, initiativeId });
-  const next = status.workPackages.find((wp) => ['pending', 'ready'].includes(wp.status));
+  const readiness = buildWorkPackageReadiness(status.workPackages);
+  const next = readiness.find((item) => item.ready)?.workPackage || null;
   if (!next) {
     return {
       initiativeId,
       next: null,
       materializedTask: null,
+      readiness,
     };
   }
   let materializedTask = null;
@@ -229,6 +231,7 @@ export function initiativeNext({
     initiativeId,
     next,
     materializedTask,
+    readiness,
   };
 }
 
@@ -1035,7 +1038,9 @@ function buildSynthesisReadinessGates({ requirements, sourceDocs }) {
   });
   addScopeStorageConflictGate({ gates, sourceText, requirementText });
   addApplyContractGate({ gates, sourceText, requirementText });
+  addDraftStorageShapeGate({ gates, sourceText, requirementText });
   addSchemaCompatibilityGate({ gates, sourceText, requirements });
+  addAuditWriterModelGate({ gates, sourceText, requirementText });
   addSchemaAttributionWarningGate({ gates, sourceText, requirements });
   addSequencingGate({ gates, sourceText, requirementText });
   addStrongerSourceRefGate({ gates, sourceDocs, requirements });
@@ -1102,6 +1107,65 @@ function addApplyContractGate({ gates, sourceText, requirementText }) {
   }
 }
 
+function addDraftStorageShapeGate({ gates, sourceText, requirementText }) {
+  const combinedText = `${requirementText}\n${sourceText}`;
+  const hasDraftOnlyContract = /(variant\s*a|draft[- ]only|draft|proposed only|not applied|только proposed|чернов)/i.test(combinedText);
+  const hasDeferredFactDomains = /(commitments?|decisions?|risks?|projects?|financial_event|related_person_id|has_conflict)/i.test(combinedText);
+  const mentionsProposedChanges = /proposed_changes?|proposedchange|proposed change/i.test(combinedText);
+  if (!hasDraftOnlyContract || !hasDeferredFactDomains || !mentionsProposedChanges) {
+    return;
+  }
+
+  const requiredFields = [
+    ['entity_type', /entity_type/i],
+    ['change_type', /change_type/i],
+    ['proposed_value JSONB', /(proposed_value|payload).{0,40}(jsonb|json)/i],
+    ['source_quote/source_quote_raw', /source_quote(?:_raw)?/i],
+    ['confidence', /confidence/i],
+    ['financial_event_type', /financial_event_type/i],
+    ['related_person_id', /related_person_id/i],
+    ['has_conflict', /has_conflict/i],
+  ];
+  const missing = requiredFields
+    .filter(([, pattern]) => !pattern.test(requirementText))
+    .map(([name]) => name);
+
+  if (missing.length) {
+    gates.push({
+      id: 'draft-storage-proposed-changes-shape',
+      severity: 'critical',
+      blocking: true,
+      title: 'Draft-only apply contract lacks proposed_changes storage shape',
+      issue: `Variant/draft-only requirements rely on proposed_changes for deferred fact domains, but synthesized requirements do not explicitly cover ${missing.join(', ')}.`,
+      action: 'Before WP planning, add acceptance that `proposed_changes` can store draft commitments/decisions/risks/projects/facts with entity_type, change_type, proposed_value JSONB, source quote fields, confidence, financial_event_type, related_person_id and conflict metadata, or narrow the draft output scope.',
+    });
+  }
+}
+
+function addAuditWriterModelGate({ gates, sourceText, requirementText }) {
+  const combinedText = `${requirementText}\n${sourceText}`;
+  const mentionsAudit = /(entity_history|audit|before\/after|before and after|log_entity_change|app\.current_user_id|attribution)/i.test(combinedText);
+  if (!mentionsAudit) {
+    return;
+  }
+  const triggerModel = /(trigger|log_entity_change|before\/after|before and after|current_setting\('app\.current_user_id'\)|триггер)/i.test(requirementText);
+  const appModel = /(application[- ]code writer|app(?:lication)? writes|apply[- ]code writes|manual writer|writes entity_history manually|пишет entity_history|прикладн)/i.test(requirementText);
+  const ambiguous = /(trigger|триггер).{0,80}\b(or|или)\b.{0,80}(application|app|manual|код|вручн)/i.test(combinedText)
+    || /(application|app|manual|код|вручн).{0,80}\b(or|или)\b.{0,80}(trigger|триггер)/i.test(combinedText)
+    || /(table only|only table|таблиц[ауы].{0,80}без триггер|helper pattern only|entity_history plus helper pattern|helper pattern)/i.test(combinedText);
+  if (!ambiguous && (triggerModel || appModel)) {
+    return;
+  }
+  gates.push({
+    id: 'audit-writer-model-ambiguous',
+    severity: 'needs_decision',
+    blocking: true,
+    title: 'Audit history writer model is ambiguous',
+    issue: 'Requirements mention audit/entity_history/attribution, but do not decide whether audit rows are written by functional DB triggers or by application/apply code.',
+    action: 'Before WP-001 planning, choose the audit writer model explicitly. For DB-trigger audit, require `log_entity_change`, trigger attachment to core tables and `app.current_user_id`; for app-code audit, require the exact apply-code writer contract and covered entities.',
+  });
+}
+
 function addSchemaCompatibilityGate({ gates, sourceText, requirements }) {
   const schemaReq = findSchemaRequirement(requirements);
   if (!schemaReq) {
@@ -1327,6 +1391,7 @@ function listWorkPackages(initiativeDir) {
 
 function readWorkPackage(filePath, fallbackId) {
   const content = fs.existsSync(filePath) ? fs.readFileSync(filePath, 'utf8') : '';
+  const dependencies = readWorkPackageDependencies(content);
   return {
     id: readInlineField(content, 'ID') || fallbackId,
     title: readInlineField(content, 'Title') || humanizeSlug(fallbackId.replace(/^WP-\d{3}-/, '')),
@@ -1334,11 +1399,89 @@ function readWorkPackage(filePath, fallbackId) {
     task: readInlineField(content, 'Task') || '',
     mode: readInlineField(content, 'Mode') || 'standard_work_package',
     goal: readSection(content, 'Goal') || '',
+    requirementsCoverage: readBulletsFromSection(content, 'Requirements Coverage'),
     slices: readBulletsFromSection(content, 'Slices'),
+    acceptance: readBulletsFromSection(content, 'Acceptance'),
+    dependencies,
     path: filePath,
   };
 }
 
+function readWorkPackageDependencies(content) {
+  const section = readSection(content, 'Dependencies');
+  return {
+    dependsOn: readDependencyField(section, 'Depends on'),
+    unblocks: readDependencyField(section, 'Unblocks'),
+    parallelWith: readDependencyField(section, 'Can run parallel with'),
+    sequencingNotes: readDependencyField(section, 'Sequencing notes'),
+  };
+}
+
+function readDependencyField(section, field) {
+  if (!section) {
+    return [];
+  }
+  const match = new RegExp(`^-\\s+${escapeRegExp(field)}:\\s*(.*)$`, 'im').exec(section);
+  if (!match) {
+    return [];
+  }
+  return splitDependencyRefs(match[1]);
+}
+
+function splitDependencyRefs(value) {
+  return String(value || '')
+    .split(/[,;]/)
+    .map((item) => item.trim())
+    .filter((item) => item && !/^\(?none\)?$/i.test(item) && !/^\[?fill in\]?$/i.test(item));
+}
+
+function buildWorkPackageReadiness(workPackages) {
+  const byId = new Map(workPackages.map((wp) => [wp.id, wp]));
+  return workPackages
+    .filter((wp) => ['pending', 'ready'].includes(wp.status))
+    .map((wp) => {
+      const blockers = [];
+      for (const dependencyId of wp.dependencies.dependsOn) {
+        const dependency = byId.get(dependencyId);
+        if (!dependency) {
+          blockers.push(`Dependency ${dependencyId} is missing.`);
+          continue;
+        }
+        if (!workPackageDependencySatisfied(dependency)) {
+          blockers.push(`Dependency ${dependencyId} is ${dependency.status || 'unknown'}, not completed.`);
+        }
+      }
+      if (workPackageAcceptanceIsProcessOnly(wp)) {
+        blockers.push('Acceptance is process-only while Requirements Coverage is present; add requirement-level done criteria before materialize.');
+      }
+      return {
+        workPackage: wp,
+        ready: blockers.length === 0,
+        blockers,
+      };
+    });
+}
+
+function workPackageDependencySatisfied(workPackage) {
+  return /^(done|complete|completed|verified|closed)$/i.test(workPackage.status || '');
+}
+
+function workPackageAcceptanceIsProcessOnly(workPackage) {
+  const coverageText = workPackage.requirementsCoverage.join('\n');
+  if (!/\bREQ-\d{3}\b/.test(coverageText)) {
+    return false;
+  }
+  const acceptance = workPackage.acceptance;
+  if (!acceptance.length) {
+    return true;
+  }
+  const acceptanceText = acceptance.join('\n');
+  if (/\bREQ-\d{3}\b/.test(acceptanceText)) {
+    return false;
+  }
+  return acceptance.every((item) => /(verify completed|completed verify|slice ledger|learning closeout|task closeout|execution\.md)/i.test(item));
+}
+
 function updateWorkPackageStatus({ workPackagePath, status, taskId }) {
   const content = fs.readFileSync(workPackagePath, 'utf8');
   let updated = content
@@ -1438,6 +1581,17 @@ function buildWorkPackageMarkdown({ initiativeId, workPackageId, title, goal, mo
     '- Excluded:',
     '- Escalate to separate task if:',
     '',
+    '## Requirements Coverage',
+    '',
+    '- REQ-000: Add covered requirement and keep acceptance aligned with requirement-level done criteria.',
+    '',
+    '## Dependencies',
+    '',
+    '- Depends on: (none)',
+    '- Unblocks: (none)',
+    '- Can run parallel with: (none)',
+    '- Sequencing notes: (none)',
+    '',
     '## Slices',
     '',
     '- Slice 1: Define the first implementation slice.',
@@ -1446,6 +1600,7 @@ function buildWorkPackageMarkdown({ initiativeId, workPackageId, title, goal, mo
     '',
     '## Acceptance',
     '',
+    '- Covered REQ-* acceptance criteria are satisfied or explicitly deferred with human approval.',
     '- Work-package task has completed Verify.',
     '- Slice ledger is recorded in execution.md.',
     '- Learning closeout is completed before task closeout.',
@@ -1562,6 +1717,13 @@ function printInitiativeNext(result) {
   console.log(`Initiative next: ${result.initiativeId}`);
   if (!result.next) {
     console.log('- no pending work packages');
+    const blocked = (result.readiness || []).filter((item) => !item.ready);
+    for (const item of blocked) {
+      console.log(`- blocked: ${item.workPackage.id}`);
+      for (const blocker of item.blockers) {
+        console.log(`  - ${blocker}`);
+      }
+    }
     return;
   }
   console.log(`- workPackage: ${result.next.id}`);

package/bin/initiative.test.mjs

@@ -76,6 +76,110 @@ describe('initiative framework', () => {
     expect(workPackage).toContain('Task: TASK-001-foundation');
   });
 
+  it('selects the next work package with dependency readiness', () => {
+    const root = makeProject();
+    createInitiative({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      title: 'Delivery OS MVP',
+    });
+    addWorkPackage({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      workPackageId: 'WP-001-foundation',
+      title: 'Foundation',
+    });
+    addWorkPackage({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      workPackageId: 'WP-003-process-meeting',
+      title: 'Process Meeting',
+    });
+    const wp3Path = path.join(root, 'ops', 'agent-pipeline', 'initiatives', 'delivery-os-mvp', 'work-packages', 'WP-003-process-meeting', 'work-package.md');
+    fs.writeFileSync(wp3Path, fs.readFileSync(wp3Path, 'utf8').replace(
+      '- Depends on: (none)',
+      '- Depends on: WP-001-foundation',
+    ));
+
+    let next = initiativeNext({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+    });
+
+    expect(next.next.id).toBe('WP-001-foundation');
+    expect(next.readiness.find((item) => item.workPackage.id === 'WP-003-process-meeting').blockers[0]).toContain('Dependency WP-001-foundation');
+
+    const wp1Path = path.join(root, 'ops', 'agent-pipeline', 'initiatives', 'delivery-os-mvp', 'work-packages', 'WP-001-foundation', 'work-package.md');
+    fs.writeFileSync(wp1Path, fs.readFileSync(wp1Path, 'utf8').replace('Status: pending', 'Status: completed'));
+
+    next = initiativeNext({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+    });
+
+    expect(next.next.id).toBe('WP-003-process-meeting');
+  });
+
+  it('blocks materialization when covered requirements have process-only acceptance', () => {
+    const root = makeProject();
+    createInitiative({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      title: 'Delivery OS MVP',
+    });
+    addWorkPackage({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      workPackageId: 'WP-001-foundation',
+      title: 'Foundation',
+    });
+    const wpPath = path.join(root, 'ops', 'agent-pipeline', 'initiatives', 'delivery-os-mvp', 'work-packages', 'WP-001-foundation', 'work-package.md');
+    fs.writeFileSync(wpPath, [
+      '# Work Package',
+      '',
+      'ID: WP-001-foundation',
+      'Initiative: delivery-os-mvp',
+      'Title: Foundation',
+      'Status: pending',
+      'Task:',
+      'Mode: standard_work_package',
+      '',
+      '## Goal',
+      '',
+      'Create foundation.',
+      '',
+      '## Requirements Coverage',
+      '',
+      '- REQ-002',
+      '',
+      '## Dependencies',
+      '',
+      '- Depends on: (none)',
+      '',
+      '## Slices',
+      '',
+      '- Slice 1: Build foundation.',
+      '',
+      '## Acceptance',
+      '',
+      '- Work-package task has completed Verify.',
+      '- Slice ledger is recorded in execution.md.',
+      '- Learning closeout is completed before task closeout.',
+      '',
+    ].join('\n'));
+
+    const next = initiativeNext({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      materializeTask: true,
+    });
+
+    expect(next.next).toBeNull();
+    expect(next.materializedTask).toBeNull();
+    expect(next.readiness[0].blockers[0]).toContain('Acceptance is process-only');
+    expect(fs.existsSync(path.join(root, 'ops', 'agent-pipeline', 'tasks', 'TASK-001-foundation'))).toBe(false);
+  });
+
   it('indexes source docs and builds a requirements map', () => {
     const root = makeProject();
     const docsDir = path.join(root, 'docs', 'delivery-os');
@@ -679,6 +783,120 @@ describe('initiative framework', () => {
     expect(schemaGate.issue).toContain('meeting_track');
     expect(schemaGate.action).toContain('meetings.raw_speaker_labels');
   });
+
+  it('blocks synthesis when draft-only proposed_changes storage shape is incomplete', () => {
+    const root = makeProject();
+    const docsDir = path.join(root, 'docs', 'delivery-os');
+    fs.mkdirSync(docsDir, { recursive: true });
+    fs.writeFileSync(path.join(docsDir, '99-feedback-log.md'), [
+      '# Feedback',
+      '',
+      '- Human-approved Variant A: commitments, decisions, risks and financial_event facts are draft-only ProposedChange outputs in Phase 1.',
+      '- Drafts need related_person_id, has_conflict and source quote attribution.',
+    ].join('\n'));
+    createInitiative({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      title: 'Delivery OS MVP',
+    });
+    initiativeIntake({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      docsDir: 'docs/delivery-os',
+      phase: 'phase-1',
+    });
+    const initiativeDir = path.join(root, 'ops', 'agent-pipeline', 'initiatives', 'delivery-os-mvp');
+    fs.writeFileSync(path.join(initiativeDir, 'requirements-map.md'), [
+      '# Requirements Map',
+      '',
+      '## Requirement Details',
+      '',
+      '### REQ-005',
+      '',
+      '- Status: `approved`',
+      '- Source: `docs/delivery-os/99-feedback-log.md:1`',
+      '- Source hash: `sha`',
+      '- Phase: `phase-1`',
+      '- Quality: `complete`',
+      '- Quality issue: (none)',
+      '- Work package: WP-004',
+      '- Acceptance: Variant A keeps commitments/decisions/risks as draft ProposedChange records, not applied truth writes.',
+      '- Decision: `approve`',
+      '- Notes: Human-approved Variant A.',
+      '- Requirement: Phase 1 apply writes clients/people/meetings and keeps deferred domains as draft proposed_changes.',
+      '',
+    ].join('\n'));
+
+    const synthesis = initiativeRequirementsSynthesis({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+    });
+
+    const gate = synthesis.gates.find((item) => item.id === 'draft-storage-proposed-changes-shape');
+    expect(gate).toMatchObject({
+      severity: 'critical',
+      blocking: true,
+    });
+    expect(gate.issue).toContain('entity_type');
+    expect(gate.issue).toContain('related_person_id');
+    expect(synthesis.rewriteRequired).toBe(true);
+  });
+
+  it('blocks synthesis when audit/entity_history writer model is ambiguous', () => {
+    const root = makeProject();
+    const docsDir = path.join(root, 'docs', 'delivery-os');
+    fs.mkdirSync(docsDir, { recursive: true });
+    fs.writeFileSync(path.join(docsDir, '07-adrs.md'), [
+      '# ADR',
+      '',
+      '- Attribution requires app.current_user_id and entity_history audit before/after records.',
+    ].join('\n'));
+    createInitiative({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      title: 'Delivery OS MVP',
+    });
+    initiativeIntake({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+      docsDir: 'docs/delivery-os',
+      phase: 'phase-1',
+    });
+    const initiativeDir = path.join(root, 'ops', 'agent-pipeline', 'initiatives', 'delivery-os-mvp');
+    fs.writeFileSync(path.join(initiativeDir, 'requirements-map.md'), [
+      '# Requirements Map',
+      '',
+      '## Requirement Details',
+      '',
+      '### REQ-002',
+      '',
+      '- Status: `approved`',
+      '- Source: `docs/delivery-os/07-adrs.md:1`',
+      '- Source hash: `sha`',
+      '- Phase: `phase-1`',
+      '- Quality: `complete`',
+      '- Quality issue: (none)',
+      '- Work package: WP-001',
+      '- Acceptance: Schema includes entity_history and app.current_user_id helper pattern.',
+      '- Decision: `approve`',
+      '- Notes: Audit trigger scope may expand; minimum is entity_history plus helper pattern.',
+      '- Requirement: Phase 1 schema preserves attribution and audit history.',
+      '',
+    ].join('\n'));
+
+    const synthesis = initiativeRequirementsSynthesis({
+      projectRoot: root,
+      initiativeId: 'delivery-os-mvp',
+    });
+
+    const gate = synthesis.gates.find((item) => item.id === 'audit-writer-model-ambiguous');
+    expect(gate).toMatchObject({
+      severity: 'needs_decision',
+      blocking: true,
+    });
+    expect(gate.action).toContain('log_entity_change');
+    expect(synthesis.rewriteRequired).toBe(true);
+  });
 });
 
 function makeProject() {

package/bin/lib/check-context-utils.mjs

@@ -228,6 +228,8 @@ export function computeTaskContextInputs(taskDir) {
   const qualityGates = analyzePlanQualityGates({
     planContent: taskArtifacts.get('plan.md'),
     risk,
+    referencedFiles,
+    structuralLines,
   });
 
   return {
@@ -755,7 +757,7 @@ ${missingSignals.length ? missingSignals.map((signal) => `- ${signal}`).join('\n
 `;
 }
 
-export function analyzePlanQualityGates({ planContent, risk }) {
+export function analyzePlanQualityGates({ planContent, risk, referencedFiles = [], structuralLines = [] }) {
   const sections = parseMarkdownSections(planContent);
   const uiRequired = requiresUiAcceptanceScenarios(risk.riskTriggers);
   const complexityRequired = requiresComplexityBudget(risk.riskTriggers);
@@ -763,6 +765,12 @@ export function analyzePlanQualityGates({ planContent, risk }) {
   const optimizationRequired = requiresOptimizationStrategy(optimizationTier);
   const productionRolloutRequired = requiresProductionRolloutGate(risk.riskTriggers);
   const sourceSyncProviderRequired = requiresSourceSyncProviderGate(risk.riskTriggers);
+  const executionMetadata = inspectExecutionMetadata(sections);
+  const verificationLadder = inspectVerificationLadder(sections);
+  const standardsAlignmentRequired = requiresStandardsAlignment({ referencedFiles, structuralLines });
+  const standardsAlignment = inspectStandardsAlignment(sections);
+  const migrationApply = inspectMigrationApplyPlan(sections, risk.riskTriggers);
+  const auditWriterModel = inspectAuditWriterModel(sections, planContent);
   const uiAcceptance = inspectUiAcceptanceScenarios(sections);
   const complexityBudget = inspectComplexityPerformanceBudget(sections);
   const optimizationStrategy = inspectOptimizationStrategy(sections);
@@ -770,6 +778,21 @@ export function analyzePlanQualityGates({ planContent, risk }) {
   const sourceSyncProvider = inspectSourceSyncProviderGate(sections);
   const missingSignals = [];
 
+  if (!executionMetadata.present) {
+    missingSignals.push('Plan must include `## Risk tier and execution budget` with explicit risk tier, speed mode, execution target and budget/stop rule.');
+  }
+  if (!verificationLadder.present) {
+    missingSignals.push('Plan must include a `Verification ladder` with micro-verify, slice-verify and external Verify decision.');
+  }
+  if (standardsAlignmentRequired && !standardsAlignment.present) {
+    missingSignals.push('Standards file/reference detected but `## Global Standards Alignment` / `## Standards Alignment` is missing or incomplete.');
+  }
+  if (migrationApply.required && !migrationApply.present) {
+    missingSignals.push('Schema/migration work requires a real apply path on a disposable/scratch database before closeout; static SQL review alone is not enough.');
+  }
+  if (auditWriterModel.required && !auditWriterModel.present) {
+    missingSignals.push('Audit/entity_history requirement must declare the writer model: functional DB trigger versus explicit application-code writer, not an ambiguous table-only audit.');
+  }
   if (uiRequired && !uiAcceptance.present) {
     missingSignals.push('UI-visible risk detected but `## UI Acceptance Scenarios` is missing or incomplete.');
   }
@@ -782,6 +805,9 @@ export function analyzePlanQualityGates({ planContent, risk }) {
   if (optimizationRequired && !optimizationStrategy.present) {
     missingSignals.push(`Optimization tier ${optimizationTier} detected but \`## Optimization Strategy\` is missing or incomplete.`);
   }
+  if (optimizationTier === 'O3' && optimizationStrategy.present && !optimizationStrategy.hasMeasurementPath) {
+    missingSignals.push('Optimization tier O3 requires a representative measurement path or explicit blocked/human-owned fallback.');
+  }
   if (productionRolloutRequired && !productionRollout.present) {
     missingSignals.push('Production rollout risk detected but `## Production Rollout Gate` is missing or incomplete.');
   }
@@ -790,6 +816,12 @@ export function analyzePlanQualityGates({ planContent, risk }) {
   }
 
   return {
+    executionMetadata,
+    verificationLadder,
+    standardsAlignmentRequired,
+    standardsAlignment,
+    migrationApply,
+    auditWriterModel,
     uiRequired,
     uiAcceptance,
     complexityRequired,
@@ -805,6 +837,173 @@ export function analyzePlanQualityGates({ planContent, risk }) {
   };
 }
 
+export function inspectExecutionMetadata(sections) {
+  const body = readCanonicalSection(sections, [
+    'risk tier and execution budget',
+    'risk tier',
+    'execution budget',
+  ]);
+  if (!body) {
+    return {
+      present: false,
+      hasRiskTier: false,
+      hasSpeedMode: false,
+      hasExecutionTarget: false,
+      hasBudget: false,
+    };
+  }
+
+  const normalized = body.toLowerCase();
+  const targetValue = readLabeledValue(body, ['approved execution target', 'execution target', 'target']);
+  const budgetValue = firstNonEmptyValue([
+    readLabeledValue(body, ['execution budget', 'budget', 'optimizer budget / stop rule']),
+    readLabeledValue(body, ['fast-loop allowed inside this slice', 'fast-loop allowed']),
+    readLabeledValue(body, ['requires return to plan/check if', 'requires return']),
+  ]);
+  const result = {
+    present: true,
+    hasRiskTier: /risk tier\s*:\s*`?\s*R[0-5]\b/i.test(body) && !/risk tier\s*:\s*`?\s*R0\s*\|/i.test(body),
+    hasSpeedMode: /speed mode\s*:\s*`?\s*(fast|standard|strict)\b/i.test(body) && !/speed mode\s*:\s*`?\s*fast\s*\|/i.test(body),
+    hasExecutionTarget: Boolean(targetValue && !/^(tbd|todo|n\/a|none|-)?$/i.test(targetValue.trim())),
+    hasBudget: Boolean(budgetValue && !/^(tbd|todo|n\/a|none|-)?$/i.test(budgetValue.trim())) || /(?:budget|stop rule|лимит|бюджет)\s*:\s*\S/i.test(normalized),
+  };
+  result.complete = result.hasRiskTier && result.hasSpeedMode && result.hasExecutionTarget && result.hasBudget;
+  result.present = result.complete;
+  return result;
+}
+
+export function inspectVerificationLadder(sections) {
+  const body = [
+    readCanonicalSection(sections, ['verification ladder']),
+    readCanonicalSection(sections, ['план проверки', 'verification plan', 'verification and replay plan']),
+  ].filter(Boolean).join('\n');
+  if (!body) {
+    return {
+      present: false,
+      hasMicroVerify: false,
+      hasSliceVerify: false,
+      hasExternalVerifyDecision: false,
+    };
+  }
+
+  const normalized = body.toLowerCase();
+  const result = {
+    present: true,
+    hasMicroVerify: /micro-?verify|micro verify|микро/.test(normalized),
+    hasSliceVerify: /slice-?verify|slice verify|слайс/.test(normalized),
+    hasExternalVerifyDecision: /external verify|required before closeout|yes\s*\|\s*no|external_cli|internal_supervisor|внешн/.test(normalized),
+  };
+  result.complete = result.hasMicroVerify && result.hasSliceVerify && result.hasExternalVerifyDecision;
+  result.present = result.complete;
+  return result;
+}
+
+export function requiresStandardsAlignment({ referencedFiles = [], structuralLines = [] } = {}) {
+  const text = [...referencedFiles, ...structuralLines].join('\n').toLowerCase();
+  return /(^|\/|\.)(claude|standards|standard|rules|conventions)(\.md|\.mdc|\/|$)/.test(text)
+    || /\b(standards|conventions|coding rules|global rules|claude\.md)\b/.test(text);
+}
+
+export function inspectStandardsAlignment(sections) {
+  const body = readCanonicalSection(sections, [
+    'global standards alignment',
+    'standards alignment',
+    'standards',
+  ]);
+  if (!body) {
+    return {
+      present: false,
+      hasLocalInterpretation: false,
+      hasValidation: false,
+    };
+  }
+
+  const normalized = body.toLowerCase();
+  const result = {
+    present: true,
+    hasLocalInterpretation: /local interpretation|applied here|applies|интерпретац|применим|учитываем|следуем/.test(normalized),
+    hasValidation: /validate|verification|check|test|lint|провер/.test(normalized),
+  };
+  result.complete = result.hasLocalInterpretation && result.hasValidation;
+  result.present = result.complete;
+  return result;
+}
+
+export function inspectMigrationApplyPlan(sections, riskTriggers = []) {
+  const required = riskTriggers.includes('prisma-schema');
+  const body = [
+    readCanonicalSection(sections, ['production rollout gate', 'production rollout', 'rollout gate', 'deployment gate']),
+    readCanonicalSection(sections, ['план проверки', 'verification plan', 'verification and replay plan']),
+    readCanonicalSection(sections, ['risk tier and execution budget']),
+  ].filter(Boolean).join('\n');
+  if (!required) {
+    return {
+      required: false,
+      present: true,
+      hasApplyCommand: false,
+      hasDisposableTarget: false,
+      rejectsStaticOnly: false,
+    };
+  }
+  if (!body) {
+    return {
+      required,
+      present: false,
+      hasApplyCommand: false,
+      hasDisposableTarget: false,
+      rejectsStaticOnly: false,
+    };
+  }
+
+  const normalized = body.toLowerCase();
+  const result = {
+    required,
+    present: true,
+    hasApplyCommand: /\b(apply|migrate|psql|db push|migration)\b/.test(normalized),
+    hasDisposableTarget: /\b(disposable|scratch|throwaway|temporary|temp|ephemeral|test database|local postgres|railway postgres|staging db|однораз|временн|тестов)\b/.test(normalized),
+    rejectsStaticOnly: /static(?: sql)? review alone is not enough|not static[- ]only|статическ.{0,40}недостаточно|blocked evidence.{0,80}not accepted/i.test(body),
+  };
+  result.complete = result.hasApplyCommand && result.hasDisposableTarget;
+  result.present = result.complete;
+  return result;
+}
+
+export function inspectAuditWriterModel(sections, planContent = '') {
+  const text = [
+    planContent,
+    readCanonicalSection(sections, ['production rollout gate', 'production rollout']),
+    readCanonicalSection(sections, ['шаги реализации', 'implementation steps']),
+    readCanonicalSection(sections, ['риски и открытые вопросы', 'known risks']),
+  ].filter(Boolean).join('\n');
+  const required = /(entity_history|audit|before\/after|before and after|log_entity_change|current_setting\('app\.current_user_id'\)|app\.current_user_id|attribution)/i.test(text);
+  if (!required) {
+    return {
+      required: false,
+      present: true,
+      writerModel: null,
+      ambiguous: false,
+    };
+  }
+
+  const triggerModel = /(trigger|log_entity_change|before\/after|before and after|current_setting\('app\.current_user_id'\)|навеш|триггер)/i.test(text);
+  const appModel = /(application[- ]code writer|app(?:lication)? writes|apply[- ]code writes|manual writer|writes entity_history manually|пишет entity_history|прикладн)/i.test(text);
+  const tableOnlyAmbiguity = /(table only|only table|таблиц[ауы].{0,80}без триггер|entity_history.{0,120}(without|no) trigger|helper pattern only|minimum is entity_history plus helper pattern)/i.test(text);
+  const eitherOrAmbiguity = /(trigger|триггер).{0,80}\b(or|или)\b.{0,80}(application|app|manual|код|вручн)/i.test(text)
+    || /(application|app|manual|код|вручн).{0,80}\b(or|или)\b.{0,80}(trigger|триггер)/i.test(text);
+  const ambiguous = tableOnlyAmbiguity || eitherOrAmbiguity || (!triggerModel && !appModel);
+  const writerModel = triggerModel && !eitherOrAmbiguity
+    ? 'db_trigger'
+    : appModel && !eitherOrAmbiguity
+      ? 'application_code'
+      : null;
+  return {
+    required,
+    present: Boolean(writerModel && !ambiguous),
+    writerModel,
+    ambiguous,
+  };
+}
+
 export function requiresUiAcceptanceScenarios(riskTriggers = []) {
   return riskTriggers.includes('panel-ui') || riskTriggers.includes('ui-visible-api');
 }
@@ -953,13 +1152,16 @@ export function inspectOptimizationStrategy(sections) {
     hasApproach: /strategy|approach|chosen|batch|map|set|index|query|window|memo|cache|подход|стратег/.test(normalized),
     hasAntiPatterns: /n\+1|repeated scan|nested|o\(n\^2\)|unbounded|full scan|render|anti-pattern|антипаттерн/.test(normalized),
     hasBudget: /budget|stop rule|stop-rule|minutes|минут|measurement|timing|benchmark|explain|defer|бюджет|лимит/.test(normalized),
+    hasMeasurementPath: /measurement|timing|benchmark|profile|profiling|explain|representative|smoke metric|human-owned fallback|blocked fallback|измер|замер|метрик/.test(normalized),
   };
+  const tierRequiresMeasurement = result.tier === 'O3';
   result.complete = Boolean(result.tier)
     && result.hasHotPaths
     && result.hasDataSize
     && result.hasApproach
     && result.hasAntiPatterns
-    && result.hasBudget;
+    && result.hasBudget
+    && (!tierRequiresMeasurement || result.hasMeasurementPath);
   result.present = result.complete;
   return result;
 }
@@ -1034,6 +1236,21 @@ function readCanonicalSection(sections, names) {
   return '';
 }
 
+function readLabeledValue(body, labels) {
+  for (const label of labels) {
+    const escaped = label.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    const match = new RegExp(`${escaped}\\s*:\\s*([^\\n]+)`, 'i').exec(body);
+    if (match) {
+      return match[1].replace(/^[-\s`]*/, '').replace(/`+$/, '').trim();
+    }
+  }
+  return '';
+}
+
+function firstNonEmptyValue(values) {
+  return values.find((value) => typeof value === 'string' && value.trim()) || '';
+}
+
 export function buildCheckerContextPack({
   taskId,
   risk,
@@ -1313,6 +1530,28 @@ export function validateExecutionEvidenceForPlan({ planContent, executionContent
     }
   }
 
+  if (planRequiresRealMigrationApply(planContent)) {
+    const evidence = readAnySection(executionSections, [
+      'migration apply evidence',
+      'schema migration evidence',
+      'production rollout evidence',
+      'rollout evidence',
+      'preflight evidence',
+      'micro-verify evidence',
+    ]);
+    if (!evidence) {
+      errors.push({
+        category: 'unrun_required_check',
+        message: 'Schema/migration plan requires real disposable/scratch DB apply evidence before Verify/Human Gate.',
+      });
+    } else if (!/(apply|migrate|psql|migration|db push)/i.test(evidence) || !/(pass|passed|success|ok|applied|успеш)/i.test(evidence) || !/(scratch|throwaway|disposable|temporary|temp|ephemeral|test database|local postgres|railway postgres|однораз|временн|тестов)/i.test(evidence)) {
+      errors.push({
+        category: 'insufficient_evidence',
+        message: 'Migration Apply Evidence must show a successful apply/migrate/psql run against a disposable/scratch database target.',
+      });
+    }
+  }
+
   if (hasAnySection(planSections, ['source sync / provider gate', 'source sync provider gate', 'source sync gate', 'provider gate'])) {
     const evidence = readAnySection(executionSections, ['source sync / provider evidence', 'source sync evidence', 'provider evidence']);
     if (!evidence) {
@@ -1331,6 +1570,16 @@ export function validateExecutionEvidenceForPlan({ planContent, executionContent
   return errors;
 }
 
+function planRequiresRealMigrationApply(planContent) {
+  const sections = parseMarkdownSections(planContent || '');
+  const planText = planContent || '';
+  const hasMigration = /(schema\.prisma|prisma\/migrations|migration|migrations?|create table|alter table|plain sql|DDL|схем|миграц)/i.test(planText);
+  if (!hasMigration) {
+    return false;
+  }
+  return inspectMigrationApplyPlan(sections, ['prisma-schema']).present;
+}
+
 function hasAnySection(sections, names) {
   return Boolean(readAnySection(sections, names));
 }

package/bin/lib/check-context-utils.test.mjs

@@ -13,12 +13,18 @@ import {
   riskRootWarnings,
   selectRelevantPlaybookNames,
   inspectComplexityPerformanceBudget,
+  inspectExecutionMetadata,
+  inspectAuditWriterModel,
+  inspectMigrationApplyPlan,
   inspectOptimizationStrategy,
   inspectProductionRolloutGate,
   inspectSourceSyncProviderGate,
+  inspectStandardsAlignment,
   inspectUiAcceptanceScenarios,
+  inspectVerificationLadder,
   parseMarkdownSections,
   requiresOptimizationStrategy,
+  requiresStandardsAlignment,
   validateExecutionEvidenceForPlan,
 } from './check-context-utils.mjs';
 
@@ -49,6 +55,176 @@ describe('agent pipeline quality gates', () => {
     expect(result.missingSignals).toContain('UI-visible risk detected but `## UI Acceptance Scenarios` is missing or incomplete.');
   });
 
+  it('blocks external check locally when execution metadata is placeholder-only', () => {
+    const plan = [
+      '# Plan',
+      '',
+      '## Risk tier and execution budget',
+      '',
+      '- Risk tier: `R0 | R1 | R2 | R3 | R4 | R5`',
+      '- Speed mode: `Fast | Standard | Strict`',
+      '- Approved execution target:',
+      '- Fast-loop allowed inside this slice:',
+      '- Requires return to Plan/Check if:',
+    ].join('\n');
+
+    const result = analyzePlanQualityGates({
+      planContent: plan,
+      risk: {
+        riskProfile: 'low',
+        riskTriggers: ['docs-only'],
+      },
+    });
+
+    expect(result.executionMetadata.present).toBe(false);
+    expect(result.missingSignals).toContain('Plan must include `## Risk tier and execution budget` with explicit risk tier, speed mode, execution target and budget/stop rule.');
+  });
+
+  it('accepts explicit execution metadata and verification ladder', () => {
+    const sections = parseMarkdownSections([
+      '# Plan',
+      '',
+      '## Risk tier and execution budget',
+      '',
+      '- Risk tier: `R2`',
+      '- Speed mode: `Standard`',
+      '- Approved execution target: local schema files and API DTOs only.',
+      '- Fast-loop allowed inside this slice: yes, until migration scope changes.',
+      '- Requires return to Plan/Check if: destructive migration or production data write appears.',
+      '',
+      '## План проверки',
+      '',
+      '### Verification ladder',
+      '',
+      '- Micro-verify during Execute: node --check.',
+      '- Slice-verify before completion: tests.',
+      '- External Verify required before closeout: no, internal_supervisor is enough.',
+    ].join('\n'));
+
+    expect(inspectExecutionMetadata(sections).present).toBe(true);
+    expect(inspectVerificationLadder(sections).present).toBe(true);
+  });
+
+  it('requires standards alignment only when standards references are present', () => {
+    expect(requiresStandardsAlignment({
+      referencedFiles: ['../.claude/CLAUDE.MD'],
+      structuralLines: [],
+    })).toBe(true);
+    expect(requiresStandardsAlignment({
+      referencedFiles: ['docs/01-overview.md'],
+      structuralLines: [],
+    })).toBe(false);
+
+    const missing = analyzePlanQualityGates({
+      planContent: '# Plan\n',
+      risk: {
+        riskProfile: 'low',
+        riskTriggers: ['docs-only'],
+      },
+      referencedFiles: ['../.claude/CLAUDE.MD'],
+    });
+    expect(missing.missingSignals).toContain('Standards file/reference detected but `## Global Standards Alignment` / `## Standards Alignment` is missing or incomplete.');
+
+    const sections = parseMarkdownSections([
+      '# Plan',
+      '',
+      '## Global Standards Alignment',
+      '',
+      '- Local interpretation: apply repo naming and validation rules to this task.',
+      '- Validation: run lint/test commands from the plan.',
+    ].join('\n'));
+    expect(inspectStandardsAlignment(sections).present).toBe(true);
+  });
+
+  it('requires a real disposable migration apply path for schema work before external check', () => {
+    const result = analyzePlanQualityGates({
+      planContent: [
+        '# Plan',
+        '',
+        '## Risk tier and execution budget',
+        '',
+        '- Risk tier: `R3`',
+        '- Speed mode: `Standard`',
+        '- Approved execution target: plain SQL migration.',
+        '- Requires return to Plan/Check if: database apply cannot run.',
+        '',
+        '## План проверки',
+        '',
+        '### Verification ladder',
+        '',
+        '- Micro-verify during Execute: static SQL review.',
+        '- Slice-verify before completion: blocked if Postgres unavailable.',
+        '- External Verify required before closeout: no.',
+        '',
+        '## Production Rollout Gate',
+        '',
+        '- Impact / blast radius: local schema migration only.',
+        '- Environment / deploy variables: none.',
+        '- Rollback / disable path: revert migration file.',
+        '- Post-deploy evidence: static SQL review if Postgres unavailable.',
+      ].join('\n'),
+      risk: {
+        riskProfile: 'high',
+        riskTriggers: ['prisma-schema'],
+      },
+    });
+
+    expect(result.migrationApply.required).toBe(true);
+    expect(result.migrationApply.present).toBe(false);
+    expect(result.missingSignals).toContain('Schema/migration work requires a real apply path on a disposable/scratch database before closeout; static SQL review alone is not enough.');
+  });
+
+  it('accepts migration apply plan with disposable database target', () => {
+    const sections = parseMarkdownSections([
+      '# Plan',
+      '',
+      '## Production Rollout Gate',
+      '',
+      '- Impact / blast radius: local schema migration only.',
+      '- Environment / deploy variables: temporary Railway Postgres scratch database.',
+      '- Rollback / disable path: drop scratch database and revert migration file.',
+      '- Post-deploy evidence: apply plain SQL migration with psql against throwaway Postgres; static SQL review alone is not enough.',
+    ].join('\n'));
+
+    const result = inspectMigrationApplyPlan(sections, ['prisma-schema']);
+
+    expect(result.present).toBe(true);
+    expect(result.hasApplyCommand).toBe(true);
+    expect(result.hasDisposableTarget).toBe(true);
+  });
+
+  it('requires audit writer model when entity_history audit is in scope', () => {
+    const sections = parseMarkdownSections([
+      '# Plan',
+      '',
+      '## Риски и открытые вопросы',
+      '',
+      '- Full audit triggers may expand scope; minimum is entity_history plus helper pattern.',
+    ].join('\n'));
+
+    const result = inspectAuditWriterModel(sections, Array.from(sections.values()).join('\n'));
+
+    expect(result.required).toBe(true);
+    expect(result.present).toBe(false);
+    expect(result.ambiguous).toBe(true);
+  });
+
+  it('accepts explicit DB trigger audit writer model', () => {
+    const sections = parseMarkdownSections([
+      '# Plan',
+      '',
+      '## Шаги реализации',
+      '',
+      '- Create entity_history.',
+      "- Create log_entity_change trigger function using current_setting('app.current_user_id') and attach triggers to core tables for before/after audit.",
+    ].join('\n'));
+
+    const result = inspectAuditWriterModel(sections, Array.from(sections.values()).join('\n'));
+
+    expect(result.present).toBe(true);
+    expect(result.writerModel).toBe('db_trigger');
+  });
+
   it('accepts UI acceptance scenarios with intent, steps, expected visible result and must-catch regressions', () => {
     const sections = parseMarkdownSections([
       '# Plan',
@@ -199,6 +375,54 @@ describe('agent pipeline quality gates', () => {
     expect(result.hasApproach).toBe(true);
     expect(result.hasAntiPatterns).toBe(true);
     expect(result.hasBudget).toBe(true);
+    expect(result.hasMeasurementPath).toBe(true);
+  });
+
+  it('requires a measurement path for O3 optimization strategy before external check', () => {
+    const result = analyzePlanQualityGates({
+      planContent: [
+        '# Plan',
+        '',
+        '## Risk tier and execution budget',
+        '',
+        '- Risk tier: `R3`',
+        '- Speed mode: `Standard`',
+        '- Approved execution target: worker hot path.',
+        '- Requires return to Plan/Check if: budget changes.',
+        '',
+        '## План проверки',
+        '',
+        '### Verification ladder',
+        '',
+        '- Micro-verify during Execute: unit test.',
+        '- Slice-verify before completion: smoke test.',
+        '- External Verify required before closeout: no.',
+        '',
+        '## Complexity / Performance Budget',
+        '',
+        '- Hot paths: worker materializer.',
+        '- Expected data size / row counts: 150k rows.',
+        '- Complexity risks: N+1 queries.',
+        '- Budget / stop rule: < 3 seconds.',
+        '',
+        '## Optimization Strategy',
+        '',
+        '- Optimization tier: O3 measured review.',
+        '- Hot paths: worker materializer.',
+        '- Expected data size / row counts: 150k rows.',
+        '- Chosen efficient approach: batch query and indexed lookup.',
+        '- Anti-patterns avoided: N+1 queries and repeated scans.',
+        '- Optimizer budget / stop rule: one focused review; defer speculative ideas.',
+      ].join('\n'),
+      risk: {
+        riskProfile: 'high',
+        riskTriggers: ['production-runtime'],
+      },
+    });
+
+    expect(result.optimizationTier).toBe('O3');
+    expect(result.optimizationStrategy.present).toBe(false);
+    expect(result.missingSignals).toContain('Optimization tier O3 detected but `## Optimization Strategy` is missing or incomplete.');
   });
 
   it('builds a checker context pack with exact quality-gate questions', () => {
@@ -431,6 +655,42 @@ describe('agent pipeline quality gates', () => {
     expect(issues).toEqual([]);
   });
 
+  it('pre-verify evidence gate blocks migration plans without successful scratch DB apply evidence', () => {
+    const plan = [
+      '# Plan',
+      '',
+      '## Production Rollout Gate',
+      '',
+      '- Impact / blast radius: local schema migration only.',
+      '- Environment / deploy variables: temporary Railway Postgres scratch database.',
+      '- Rollback / disable path: drop scratch database and revert migration file.',
+      '- Post-deploy evidence: apply plain SQL migration with psql against throwaway Postgres; static SQL review alone is not enough.',
+      '',
+      '## Шаги реализации',
+      '',
+      '- Create plain SQL migration with CREATE TABLE statements.',
+    ].join('\n');
+    const execution = [
+      '# Execution',
+      '',
+      '## Production Rollout Evidence',
+      '',
+      '| Check | Result | Evidence | Notes |',
+      '| --- | --- | --- | --- |',
+      '| migration | blocked | Postgres unavailable; static SQL review only | n/a |',
+    ].join('\n');
+
+    const issues = validateExecutionEvidenceForPlan({
+      planContent: plan,
+      executionContent: execution,
+    });
+
+    expect(issues).toContainEqual({
+      category: 'insufficient_evidence',
+      message: 'Migration Apply Evidence must show a successful apply/migrate/psql run against a disposable/scratch database target.',
+    });
+  });
+
   it('requires production rollout gate for production runtime triggers', () => {
     const result = analyzePlanQualityGates({
       planContent: '# Plan\n\n## Затронутые модули и файлы\n\n- deploy runtime env variable for worker',

package/bin/lib/task-manifest-utils.test.mjs

@@ -26,7 +26,18 @@ describe('task manifest utilities', () => {
         '',
         '## Risk tier and execution budget',
         '',
+        '- Risk tier: `R1`',
         '- Speed mode: `Fast`',
+        '- Approved execution target: docs/example.md only.',
+        '- Requires return to Plan/Check if: code changes are needed.',
+        '',
+        '## План проверки',
+        '',
+        '### Verification ladder',
+        '',
+        '- Micro-verify during Execute: markdown review.',
+        '- Slice-verify before completion: self-test.',
+        '- External Verify required before closeout: no.',
         '',
         '## Затронутые модули и файлы',
         '',
@@ -94,7 +105,18 @@ describe('task manifest utilities', () => {
         '',
         '## Risk tier and execution budget',
         '',
+        '- Risk tier: `R1`',
         '- Speed mode: `Fast`',
+        '- Approved execution target: docs/example.md only.',
+        '- Requires return to Plan/Check if: code changes are needed.',
+        '',
+        '## План проверки',
+        '',
+        '### Verification ladder',
+        '',
+        '- Micro-verify during Execute: markdown review.',
+        '- Slice-verify before completion: self-test.',
+        '- External Verify required before closeout: no.',
         '',
         '## Затронутые модули и файлы',
         '',

package/bin/run-check.mjs

@@ -66,6 +66,13 @@ async function runMain() {
   const noCache = getFlag(args, 'no-cache', false) === true;
   const checkerConfig = resolveCheckerConfig(args);
   const runStartedAt = new Date();
+  appendCheckTimeline(taskDir, {
+    event: 'check_started',
+    provider: checkerConfig.provider,
+    model: checkerConfig.model,
+    noCache,
+    dryRun,
+  });
 
   let checkContext = ensureFreshCheckContext(taskDir, taskId);
   const deterministicPrecheck = syncManifestAndStatusBeforeCheck({ taskDir, taskId, checkContext });
@@ -79,6 +86,12 @@ async function runMain() {
       issues: deterministicPrecheck.issues,
       startedAt: runStartedAt,
     });
+    appendCheckTimeline(taskDir, {
+      event: 'deterministic_precheck_blocked',
+      verdict: 'return_to_plan',
+      issues: deterministicPrecheck.issues.map((issue) => issue.message),
+      timing: buildTiming(runStartedAt),
+    });
     runValidator(taskArg);
     console.log(`Checker preflight blocked ${taskId}: return_to_plan`);
     console.log(`- deterministicIssues: ${deterministicPrecheck.issues.length}`);
@@ -146,6 +159,13 @@ async function runMain() {
       cacheKey,
       contextMode,
     });
+    appendCheckTimeline(taskDir, {
+      event: 'llm_input_built',
+      contextMode,
+      cacheKeySha,
+      packMeta: promptPayload.pack.meta,
+      timing: buildTiming(runStartedAt),
+    });
 
     console.log(`Checker LLM input for ${taskId}`);
     for (const line of summarizePackForConsole(promptPayload.pack)) {
@@ -169,6 +189,13 @@ async function runMain() {
         message: `Strict LLM input pack exceeds cap: estimatedTokens=${promptPayload.pack.meta.estimatedTokens}, capTokens=${promptPayload.pack.meta.capTokens}`,
         rawOutput: null,
       });
+      appendCheckTimeline(taskDir, {
+        event: 'context_overflow',
+        contextMode,
+        cacheKeySha,
+        packMeta: promptPayload.pack.meta,
+        timing: buildTiming(runStartedAt),
+      });
       recordLlmInputUsage({
         taskDir,
         stage: 'check',
@@ -184,6 +211,13 @@ async function runMain() {
 
     if (!noCache && restoreFromCache({ taskDir, taskArg, cacheKeySha })) {
       llmInputAttempts.push(buildAttemptRecord(promptPayload.pack.meta, 'cache_hit'));
+      appendCheckTimeline(taskDir, {
+        event: 'cache_hit',
+        contextMode,
+        cacheKeySha,
+        packMeta: promptPayload.pack.meta,
+        timing: buildTiming(runStartedAt),
+      });
       recordLlmInputUsage({
         taskDir,
         stage: 'check',
@@ -197,11 +231,32 @@ async function runMain() {
     }
 
     try {
+      const providerStartedAt = new Date();
+      appendCheckTimeline(taskDir, {
+        event: 'provider_started',
+        provider: checkerConfig.provider,
+        model: checkerConfig.model,
+        reasoningEffort: checkerConfig.reasoningEffort,
+        contextMode,
+        cacheKeySha,
+        packMeta: promptPayload.pack.meta,
+        timing: buildTiming(runStartedAt),
+      });
       providerOutput = await runProvider({
         checkerConfig,
         messages: promptPayload.messages,
         prompt: promptPayload.prompt,
       });
+      appendCheckTimeline(taskDir, {
+        event: 'provider_completed',
+        provider: checkerConfig.provider,
+        model: checkerConfig.model,
+        contextMode,
+        cacheKeySha,
+        verdict: providerOutput.checkResultJson?.verdict || null,
+        providerTiming: buildTiming(providerStartedAt),
+        timing: buildTiming(runStartedAt),
+      });
     } catch (error) {
       const failureReason = error.failureReason || 'unknown';
       writeFailureArtifacts({
@@ -215,6 +270,16 @@ async function runMain() {
         message: error.message,
         rawOutput: error.rawOutput || null,
       });
+      appendCheckTimeline(taskDir, {
+        event: 'provider_failed',
+        provider: checkerConfig.provider,
+        model: checkerConfig.model,
+        contextMode,
+        cacheKeySha,
+        failureReason,
+        message: error.message,
+        timing: buildTiming(runStartedAt),
+      });
       llmInputAttempts.push(buildAttemptRecord(promptPayload.pack.meta, `provider_failed:${failureReason}`));
       recordLlmInputUsage({
         taskDir,
@@ -246,6 +311,13 @@ async function runMain() {
     cacheKey,
     providerOutput,
   });
+  appendCheckTimeline(taskDir, {
+    event: 'check_completed',
+    verdict: providerOutput.checkResultJson?.verdict || null,
+    contextMode: promptPayload.pack.meta.mode,
+    cacheKeySha,
+    timing: buildTiming(runStartedAt),
+  });
   if (!isContextInsufficientResult(providerOutput.checkResultJson)) {
     storeInCache({ taskDir, cacheKeySha });
   }
@@ -263,6 +335,26 @@ async function runMain() {
   console.log(`- finalEstimatedInputTokens: ${promptPayload.pack.meta.estimatedTokens}`);
 }
 
+function appendCheckTimeline(taskDir, event) {
+  const timelinePath = path.join(taskDir, 'check-timeline.json');
+  let existing = [];
+  if (fs.existsSync(timelinePath)) {
+    try {
+      const parsed = JSON.parse(fs.readFileSync(timelinePath, 'utf8'));
+      if (Array.isArray(parsed)) {
+        existing = parsed;
+      }
+    } catch {
+      existing = [];
+    }
+  }
+  existing.push({
+    at: new Date().toISOString(),
+    ...event,
+  });
+  writeTaskFile(taskDir, 'check-timeline.json', JSON.stringify(existing, null, 2));
+}
+
 function buildAttemptRecord(packMeta, outcome) {
   return {
     mode: packMeta.mode,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@besales/ops-framework",
-  "version": "0.1.17",
+  "version": "0.1.20",
   "type": "module",
   "bin": {
     "ops-agent": "bin/ops-agent.mjs"